Cisco ASA – Fixing NetFlow Traffic Issues Without Restarting

cisco-asa netflow

I have been running NetFlow successfully on all of my ASAs for the past few months. Recently, one of my ASA failover pairs has decided to stop sending netflow packets. Is there a command to restart the subsystem that handles netflow, or any other fix I'm overlooking? I'd like to see if there are easier options before I move into reload-standby;reload situations or even cold cycling the pair.

Relevant config:

flow-export destination NYHQ-SERVERS 1.2.3.4 12346
flow-export template timeout-rate 1

policy-map global_policy
 class class-default
  set connection decrement-ttl
  user-statistics accounting
  flow-export event-type all destination 1.2.3.4
!

ASA# sh flow counter
destination: NYHQ-SERVERS 1.2.3.4 12346
  Statistics:
    packets sent                                         45442077
  Errors:
    block allocation failure                                    0
    invalid interface                                           0
    template send failure                                       0
    no route to collector                                       0
    source port allocation failure                              0

Best Answer

I found the reason and it was a stupid mistake. For some reason the global policy was not enabled globally. By executing service-policy global_policy global I got netflow talking once again.
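The failure described in this thread can be caught from a saved configuration. The following is an added example, not code from the question or the answer: it flags any policy-map that carries a flow-export action but is never applied by a service-policy, and any export target with no matching flow-export destination. The function name and the sample configs are constructed for illustration.

```python
import re

# Constructed sample: the question's config, with no service-policy line.
SAMPLE_BROKEN = """\
flow-export destination NYHQ-SERVERS 1.2.3.4 12346
flow-export template timeout-rate 1
!
policy-map global_policy
 class class-default
  set connection decrement-ttl
  user-statistics accounting
  flow-export event-type all destination 1.2.3.4
!
"""
SAMPLE_FIXED = SAMPLE_BROKEN + "service-policy global_policy global\n"


def audit_netflow(config: str) -> list[str]:
    """Return findings explaining why NetFlow export may be silent."""
    collectors = set()   # IPs from 'flow-export destination <if> <ip> <port>'
    exporting = {}       # policy-map name -> set of collector IPs it exports to
    attached = set()     # policy-map names referenced by a service-policy
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"flow-export destination \S+ (\S+) \d+$", line):
            collectors.add(m.group(1))
        elif m := re.match(r"policy-map (\S+)$", line):
            current = m.group(1)
        elif m := re.match(r"service-policy (\S+) (global|interface \S+)", line):
            attached.add(m.group(1))
        elif raw and not raw[0].isspace():
            current = None   # any other top-level line closes the policy-map
        elif current and (m := re.match(r"flow-export event-type \S+ destination (.+)$", line)):
            exporting.setdefault(current, set()).update(m.group(1).split())
    findings = []
    if not exporting:
        findings.append("no policy-map contains a flow-export action")
    for name, dests in sorted(exporting.items()):
        if name not in attached:
            findings.append(f"policy-map {name} exports flows but no service-policy applies it")
        for ip in sorted(dests - collectors):
            findings.append(f"policy-map {name} exports to {ip}, which has no flow-export destination")
    return findings


if __name__ == "__main__":
    for label, cfg in (("broken", SAMPLE_BROKEN), ("fixed", SAMPLE_FIXED)):
        print(label, audit_netflow(cfg) or "ok")
```

Run it against the saved running configuration of each unit of a failover pair; an empty result means the export policy is both defined and applied.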